Bug#826646: Incorrect handling with initial_cwd variable

Andreas Metzler ametzler at bebt.de
Sat Jun 11 13:21:25 UTC 2016

On 2016-06-10 Серж ИвановЪ <evasive.gyron at gmail.com> wrote:
> Our friends at Ubuntu released initial_cwd security patch correctly from
> the start.

> Here is a relevant change log:
> http://changelogs.ubuntu.com/changelogs/pool/main/e/exim4
> /exim4_4.82-3ubuntu2.1/changelog

> "debian/patches/CVE-2016-1531-4.patch: delay chdir(/) until we opened the
> main config."

> Some feedback would be greatly appreciated.

Thanks for the pointer, I will try to get a fix approved for the next
oldstable release.

cu Andreas
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Pkg-exim4-maintainers mailing list